PALLAS Enterprise — Pilon Laboratories
Technical Abstract  ·  Pilon Laboratories Inc.
Chrono-Isolated Secrecy: A Post-Quantum Ephemeral Signing Architecture for Financial Transaction Authorization
Empirical performance characterization of the Quantum State Key (QSK) ceremony and software MVP benchmarks for Chief Quantum Risk Officer evaluation
Author: Derek Arsenault
Organization: Pilon Laboratories Inc., Truro, NS
Date: May 31, 2026
Document Type: Technical Abstract / Sandbox Evaluation
Patent Reference: QSK — CIPO Filed April 14, 2026 (71 claims)
Classification: Public Technical Abstract · Sandbox Evaluation Material
Standard: NIST FIPS 204 · ML-DSA-87 · Security Level 5
SDK Version: PALLAS Auth SDK v0.1.0
↓ Download Whitepaper PDF ↓ Download Demo Report PDF
Abstract
This paper presents the Quantum State Key (QSK) architecture — a novel post-quantum cryptographic signing mechanism designed for high-assurance financial transaction authorization. The defining property of QSK, termed Chrono-Isolated Secrecy (CIS), is that no signing key persists before or after the authorization event: each key is derived from quantum entropy at the moment of biometric authentication, used once, and immediately destroyed. We characterize the performance of a Node.js software implementation of this architecture using the ML-DSA-87 algorithm (NIST FIPS 204, Dilithium5, Security Level 5). Across a full concurrency benchmark matrix of 4,200 signing ceremonies (1,000 × CSPRNG at concurrency levels 1, 5, 10, and 25; 100 × NIST Randomness Beacon at concurrency levels 1 and 5), mean end-to-end latency at concurrency=1 was 23.91 ms, with a 95th-percentile latency of 37.51 ms and a sustained throughput of 41.80 ceremonies per second. Key destruction was confirmed in under 0.01 ms post-signing, with 4,992 bytes of key material (secret key, session seed, and entropy buffer) confirmed all-zeros via per-ceremony readback verification across all 4,200 ceremonies. All ceremonies passed mandatory post-quantum signature verification before returning a result. Throughput remained stable at 40–44 TPS across all concurrency levels, confirming algorithm-level consistency under load. These figures characterize the software baseline; the forthcoming PALLAS hardware implementation targets sub-millisecond key operations enforced inside an Infineon SLC27 TEGRION EAL6+ secure element.

1.Introduction — The Post-Quantum Migration Imperative

The cryptographic infrastructure underpinning global financial systems — RSA, ECDSA, and Diffie-Hellman key exchange — is predicated on the computational intractability of integer factorization and discrete logarithm problems. A sufficiently powerful quantum computer running Shor's algorithm renders all three problems tractable in polynomial time, invalidating the security guarantees on which SWIFT messaging, RTGS settlement rails, institutional custody, and correspondent banking currently depend.1

The National Institute of Standards and Technology finalized four post-quantum cryptographic standards in August 2024: FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), FIPS 205 (SLH-DSA), and FIPS 206 (SLH-DSA-SHA2). Concurrently, NIST deprecated RSA and ECC for federal use with a mandatory migration deadline of 2030. OSFI, the Bank for International Settlements Innovation Hub, and the Financial Stability Board have each issued guidance indicating that financial institutions must demonstrate post-quantum readiness within their strategic planning horizons.

However, the migration challenge for financial institutions is not merely algorithmic. Legacy hardware security modules (HSMs), which form the trust anchor of most payment authorization pipelines, present a structural vulnerability that algorithm substitution alone does not resolve: the persistence of private keys in tamper-resistant storage. A key that is stored — however securely — can be exfiltrated through side-channel attacks, insider compromise, supply chain interdiction, or future vulnerabilities in the HSM firmware. Migrating from RSA-2048 to ML-DSA-87 within an HSM that retains the private key long-term substitutes one algorithm for another without addressing the underlying key-persistence attack surface.

This paper describes an architecture that eliminates key persistence as a vulnerability class entirely.

Regulatory deadline — 2030: NIST has established 2030 as the mandatory migration deadline for federal cryptographic systems. OSFI, the Bank for International Settlements Innovation Hub, and the Financial Stability Board have each issued guidance requiring financial institutions to demonstrate post-quantum readiness within their strategic planning horizons. Institutions deploying QSK-authenticated infrastructure today are operating ahead of this window. Those that do not will face compressed, high-cost migration timelines under direct regulatory pressure — with no guarantee that compliant hardware will be available at scale in the window before enforcement.

2.The Harvest Now, Decrypt Later Threat Model

Nation-state adversaries are actively collecting encrypted financial communications today with the explicit intent of decrypting them retroactively once quantum computing capability matures — a strategy termed Harvest Now, Decrypt Later (HNDL).2 Classified assessments from the NSA, GCHQ, and CSE have indicated that cryptographically-relevant quantum computers (CRQCs) may be achievable within a 5–10 year horizon under well-resourced programs.

For financial institutions, the HNDL threat has two distinct dimensions. First, the confidentiality of historical transaction records: wire details, correspondent relationships, sovereign reserve movements, and custody positions collected today become decipherable when CRQCs arrive. Second, and more critically, the integrity of authorization chains: digital signatures applied today using RSA or ECDSA may be forgeable retroactively, enabling adversaries to fabricate transaction provenance records that appear indistinguishable from genuine historical authorizations.

The latter threat is not merely theoretical. Any institution that archives payment authorizations signed under classical algorithms is accumulating a liability whose magnitude grows proportionally to the assets those authorizations govern.

Key risk insight: A post-quantum signature applied to a transaction today is immune to retroactive forgery even after a CRQC becomes available. Institutions that migrate their signing infrastructure before the CRQC threshold protect the integrity of their entire historical authorization chain — those that do not face unbounded forensic liability.

3.Limitations of Legacy HSM Architectures

Current payment authorization infrastructure relies on Hardware Security Modules certified to FIPS 140-2/3 or Common Criteria EAL4+. These devices protect private keys through tamper-evident enclosures, active shielding, and secure key storage — but they do not eliminate key persistence. A private key enrolled in a legacy HSM exists continuously from enrollment through revocation, typically spanning months or years. This design reflects a reasonable engineering trade-off in the pre-quantum era, but it creates a concentrated, long-lived attack target.

Property Legacy HSM (RSA/ECDSA) QSK Architecture (ML-DSA-87)
Key lifetime Months to years 50–150 ms (ceremony duration only)
Quantum resistance None (RSA/ECC broken by Shor's) NIST FIPS 204 Security Level 5
Key extraction attack surface Continuous (key always present) Eliminated (key never persists)
Side-channel vulnerability window Persistent Single signing event only
Algorithm agnosticism (patent Claim 60) Vendor/firmware constrained Architecture-level, algorithm-independent
Biometric liveness gate Typically absent Hardware biometric liveness enforcement
HNDL retroactive forgery immunity No — RSA/ECC signatures are forgeable post-CRQC Yes — ML-DSA-87 is CRQC-resistant
Per-authorization audit record Varies by implementation Cryptographically bound, immutable

3.1 The PQC Data Inflation Barrier

Beyond algorithm vulnerability, legacy HSMs and banking infrastructure present a practical migration bottleneck: lattice-based signature schemes generate significantly larger key material and signatures than the RSA and ECC primitives that existing payment infrastructure was designed to carry.

Algorithm Public Key Signature Total Auth Payload Infrastructure Context
ECDSA P-256 (Classical) 64 B 64 B 128 B Ultra-lightweight. Fits any legacy field or network packet.
RSA-2048 (Legacy Standard) 256 B 256 B 512 B Compact. Standard text fields accommodate without modification.
ML-DSA-87 — native swap-in 2,592 B 4,595 B 7,187 B 14× payload inflation vs. RSA-2048. Triggers three independent infrastructure failure modes in existing rails.
ML-DSA-87 — PALLAS metadata overlay 2,592 B 4,595 B 7,187 B Appended as a non-breaking JSON authorization header. Settlement rails, message formats, and database schemas unchanged.

The cryptographic payload is identical in both integration paths. The architectural question is not whether to accept the lattice-based overhead — it is unavoidable under any NIST-standardized PQC scheme — but where that overhead lands: embedded inside legacy payment rails (catastrophic) or attached as an external non-breaking authorization record (zero disruption).

3.2 Three Vectors of Traditional PQC Integration Failure

Attempting to integrate ML-DSA-87 by upgrading existing core payment applications triggers three independent failure modes before a single business logic change is required.

1. Database Schema Truncation. Banking middleware and internal routing systems commonly define security token fields with rigid column sizes (e.g., VARCHAR(512)), engineered during an era when 256-byte RSA signatures represented the upper bound. A 4,595-byte ML-DSA-87 signature inserted into a 512-byte database column produces immediate data truncation, corrupted audit logs, and transaction database crashes. Remediating every security-bearing field across a global bank's internal application estate — which may span 200 or more discrete systems and millions of lines of legacy code — represents a multi-year, multi-hundred-million-dollar remediation programme.

2. Network MTU Fragmentation. Financial transaction networks are engineered for sub-millisecond round-trip times and optimized around standard network Maximum Transmission Unit (MTU) sizes of 1,500 bytes. A complete ML-DSA-87 authorization payload (public key + signature = 7,187 bytes) exceeds this limit by a factor of nearly 5×. Mandatory packet fragmentation introduces out-of-order delivery, retransmission overhead, and unpredictable latency spikes across high-volume SWIFT parsing engines and real-time gross settlement (RTGS) systems where deterministic timing is a regulatory requirement.

3. HSM Performance Collapse. Classical rack-mounted HSMs (Thales Luna Network HSM, Entrust nShield, IBM 4769) implement custom ASIC coprocessors hardcoded to accelerate modular exponentiation (RSA) and elliptic-curve point multiplication (ECDSA/ECDH). These processors have no native instruction path for the polynomial matrix arithmetic required by ML-DSA-87. Software-patching a classical HSM to support lattice-based operations forces the computation into software emulation on the HSM's general-purpose management processor, collapsing verified signing throughput by up to 90% of rated TPS. For institutions operating at 50,000+ transactions per second, this constitutes systemic capacity failure. Full fleet replacement at $40,000–$100,000 per unit across thousands of deployed devices represents an additional $200M–$1.5B in hardware expenditure before any software remediation costs.

The PALLAS Architecture Bypass: The QSK design eliminates all three failure modes simultaneously. The PALLAS authorization token appends as a standardized JSON metadata header without modifying settlement message formats (SWIFT MT103/MT202, ISO 20022 pacs.008, Fedwire, LYNX, SEPA, ACH). Database schemas, middleware, and clearing infrastructure require no modification in either deployment phase.

Under Phase 1 (Software SDK), ML-DSA-87 computation executes on the institution's existing servers. The estimated $2–5 billion native overhaul becomes a sandbox evaluation at $70,000 and a Regional Software License at $1,500,000/yr — a rounding error relative to the alternative.

Under Phase 2 (PALLAS Enterprise Hardware), the entire polynomial arithmetic workload transfers onto the Infineon SLC27 TEGRION EAL6+ secure element — the first commercially available secure element with native post-quantum hardware acceleration. The SLC27 executes key generation and signing at sub-millisecond targets, adding no measurable latency to existing settlement workflows while enforcing Chrono-Isolated Secrecy at silicon level within a FIPS 140-3 Level 3 certified tamper boundary. For institutions requiring the complete hardware-enforced QSK stack, Phase 2 is offered under two licensing tiers: the Regional Standard + HSM License at $2,500,000/yr plus hardware acquisition (covering regional deployment), and the Global Uncapped License at $3,500,000/yr plus hardware acquisition (unlimited institutional deployment, no per-site or per-region cap). Both tiers remain a fraction of the estimated alternative. Integration is confined to the authorization layer in both phases; 30 years of transactional source code remain unchanged.

The QSK architecture sidesteps each constraint by treating each authorization as a fully independent ceremony with no dependency on retained key state, enabling the performance profile measured in Section 6 of this paper.

4.The Quantum State Key Architecture and Chrono-Isolated Secrecy

The Quantum State Key (QSK) is a biometrically-triggered, quantum-entropy-derived, single-use ephemeral signing key. Its defining property — Chrono-Isolated Secrecy (CIS) — is a term coined by the inventor to describe a hardened post-quantum form of Perfect Forward Secrecy that protects past, present, and future sessions simultaneously. No prior art describes this precise lifecycle: a cryptographic signing key that does not exist before authentication, exists only for the duration of a single signing ceremony, and is cryptographically destroyed immediately after use.

4.1 Ceremony Lifecycle

Each authorization event triggers the following sequence. Timing values are empirically measured from the Node.js software implementation; hardware values reflect the PALLAS device target.

1Biometric Authorization GateHardware: Synaptics FS7600 liveness sensor  /  Software: IAM credential
└─ authentication verified → ceremony proceeds; failure → hard block, no key generated
2Quantum Entropy Fetch (QRNG)measured mean: 0.08 ms (CSPRNG) / 62–122 ms (NIST Beacon)
└─ 512 bits of entropy sourced (ANU API → NIST Beacon → CSPRNG fallback chain)
3Session Seed Derivation — HKDF-SHA-512sub-millisecond
└─ sessionSeed = HKDF(quantumEntropy ‖ credentialKey ‖ sessionSalt[random, 32 bytes])
4Ephemeral Keypair Generation — ML-DSA-87measured mean: 5.20 ms
└─ (publicKey, secretKey) = ML-DSA-87.keygen(sessionSeed[0:32])
5Transaction Record Signingmeasured mean: 12.39 ms
└─ signature = ML-DSA-87.sign(secretKey, JSON(authRecord))   authRecord binds: payload, timestamp, id, qrngSource
6Key Material Destruction (Zeroization)measured mean: 0.01 ms
└─ secretKey.fill(0) · sessionSeed.fill(0) · quantumEntropy.fill(0) · credentialKey.fill(0)
7Dilithium Gate — Mandatory Verificationmeasured mean: 5.31 ms
└─ ML-DSA-87.verify(publicKey, message, signature) → PASS: return result · FAIL: HTTP 403, event rejected

4.2 Key Derivation Hierarchy

The session seed is constructed such that two ceremonies using the same biometric credential and the same QRNG pulse will always produce different signing keys, because a fresh 32-byte random salt is generated per ceremony before the HKDF invocation. This ensures that even in environments where the QRNG source returns a repeated value (e.g., the NIST Beacon's 60-second pulse window), the derived keys remain cryptographically independent.

Derived MaterialAlgorithmInputsLifetime
Credential KeyHKDF-SHA-512IAM credential, random session salt (32 B)Ceremony duration
Session SeedHKDF-SHA-512Quantum entropy, credential key, record IDCeremony duration
ML-DSA-87 Secret KeyML-DSA-87.keygenSession seed (first 32 bytes)Signing event only (0.01 ms destruction)
ML-DSA-87 Public KeyML-DSA-87.keygenSession seed (first 32 bytes)Retained for audit ledger (verifying key only)

4.3 Patent Coverage

The QSK architecture is protected by a CIPO patent application filed April 14, 2026, comprising 71 claims. Notable claims relevant to financial institution deployment include: Claim 46 (entropy-agnostic — covers CSPRNG, QRNG, PUF, ring oscillator, or any entropy source), Claim 53 (software-only TEE implementation — covers Windows Hello, Apple Secure Enclave, TPM 2.0), Claim 60 (algorithm-agnostic — covers any digital signature scheme, present or future), Claim 62 (explicitly covers PQC schemes standardized after filing date), and Claims 69–71 (blockchain transaction signing applications). The Chrono-Isolated Secrecy property — defined as a signing key that does not exist before or after the ceremony window — has no identified prior art.

5.Benchmark Methodology

The software implementation evaluated in this paper is the PALLAS Auth SDK v0.1.0, a Node.js/TypeScript package implementing the full QSK ceremony. All measurements were collected on a commodity Windows 11 machine with no hardware cryptographic acceleration. The benchmark was executed using Node.js ≥ 18 with the @noble/post-quantum library (v0.2.1) for ML-DSA-87 operations and @noble/hashes (v1.4.0) for HKDF-SHA-512 derivation.

ParameterValue
SDK Version PALLAS Auth SDK v0.1.0
Runtime Node.js ≥ 18 (TypeScript via tsx)
Signing Algorithm ML-DSA-87 (CRYSTALS-Dilithium5, NIST FIPS 204, Security Level 5)
Key Derivation HKDF-SHA-512 (@noble/hashes v1.4.0)
Entropy Source CSPRNG (Node.js crypto.getRandomValues)
Benchmark Iterations1,000 ceremonies × 4 CSPRNG concurrency levels + 100 ceremonies × 2 NIST Beacon levels (4,200 total)
Timing Resolution performance.now() — sub-millisecond precision
Execution Model Full concurrency matrix: c=1, c=5, c=10, c=25 (CSPRNG); c=1, c=5 (NIST Beacon)
Test Payload JSON object: BENCHMARK_TX · $1,000,000 USD · benchmarkRun: true
Hardware Commodity Windows 11 · No hardware crypto acceleration

Each measurement reflects the complete end-to-end ceremony latency from the initial QRNG fetch call through the return of a verified signed result. Step-level timing is captured using inline performance.now() calls bracketing each discrete operation. A warm-up ceremony was executed prior to the benchmark run to eliminate JIT compilation and WASM initialization effects from reported figures.

In addition to the formal benchmark, five live transaction authorization payloads representing realistic financial instrument types were processed through the REST API layer (POST /authenticate) to validate end-to-end API behavior and confirm that all signed records pass independent post-hoc verification via POST /verify.

6.Empirical Results

6.1 Benchmark — 1,000 Ceremonies (Warm, CSPRNG, concurrency=1)

Mean Total Latency
23.91
milliseconds end-to-end
95th Percentile Latency
37.51
milliseconds (p95)
Sustained Throughput
41.80
ceremonies per second
Minimum Latency
16.17
milliseconds (best case)
99th Percentile Latency
50.71
milliseconds (p99)
Ceremonies Verified
4,200 / 4,200
Dilithium Gate: 100% pass rate

6.2 Per-Step Latency Breakdown

Ceremony Step Mean (ms) Notes
1. Entropy Fetch (QRNG) 0.08 CSPRNG is local and synchronous — mean 0.08 ms across 1,000 ceremonies. NIST Beacon adds ~62–122 ms (network). For air-gapped sandboxes, CSPRNG is recommended.
2. HKDF-SHA-512 Key Derivation < 0.5 Subsumed within QRNG timing. HKDF is computationally negligible.
3. ML-DSA-87 Keypair Generation 5.20 Pure JavaScript/WASM implementation. Mean across 1,000 ceremonies. On PALLAS hardware (SLC27 TEGRION), native PQC acceleration is expected to reduce this to sub-millisecond range.
4. ML-DSA-87 Signing 12.39 Dominant computational step in software. Produces a 4,595-byte signature over the JSON-encoded auth record. Mean across 1,000 ceremonies.
5. Key Material Zeroization <0.01 Critical metric. secretKey (4,896 B), sessionSeed (32 B), and quantumEntropy (64 B) overwritten with zeros — 4,992 bytes total. Readback verification confirmed all-zeros on 4,200/4,200 ceremonies. The signing key ceases to exist at this point.
6. Dilithium Gate Verification 5.31 Mandatory — result is not returned to the caller until the signature is independently verified. A failed gate returns HTTP 403 and rejects the authorization unconditionally. Mean across 1,000 ceremonies.
Total (end-to-end) 23.91 Mean across 1,000 warm ceremonies (CSPRNG, concurrency=1). p95: 37.51 ms · p99: 50.71 ms · min: 16.17 ms. Full concurrency matrix (4,200 total ceremonies) available in the supplementary benchmark report.

6.3 Live Transaction Authorizations

Five financial authorization payloads were processed through the REST API during the demonstration session. Each payload was independently verifiable via POST /verify using only the retained ephemeral public key — the secret key had been destroyed before the response was returned.

# Transaction Type Value Ceremony (ms) Gate
001 Cross-border wire — North American Clearing Member → European Correspondent Bank $5,000,000 USD 65.36* PASSED
002 Bond settlement — Canadian Clearing Member A → Canadian Clearing Member B $2,750,000 CAD 35.16 PASSED
003 Sovereign RTGS — Bank of Canada LYNX → Federal Reserve Fedwire $50,000,000 USD 28.03 PASSED
004 Digital asset custody release — Institutional Digital Custodian (ETF Redemption) 847.5 BTC (~$84.75M) 37.74 PASSED
005 SWIFT MT103 batch — Third-party SWIFT Service Bureau (1,247 messages) $312,500,000 USD 31.52 PASSED

* Cold start — first ceremony after process launch, inclusive of module initialization overhead.

6.4 Post-Hoc Audit Verification

Transaction 001 was submitted to POST /verify following the signing session. The ML-DSA-87 signature was verified against the retained ephemeral public key. Result: VALID. This confirms the auditability guarantee: any authorization signed under the QSK architecture can be cryptographically verified at any future point by any party holding the public key, regardless of whether the signing key has long since been destroyed.

7.Security Analysis

7.1 Key Extraction Attack Surface

In a legacy HSM, a successful side-channel attack, firmware exploit, or physical tamper event may recover a private key that remains valid for the remainder of its enrollment period — potentially years of future authorizations. Under the QSK architecture, the attack window is bounded by the ceremony duration (measured mean: 23.91 ms warm, CSPRNG concurrency=1). Even if an adversary could execute a perfect memory acquisition attack at arbitrary times, the probability of capturing a signing key in its ~24 ms existence window, across a process that may perform tens of authorizations per day, is negligibly small. On the physical PALLAS hardware, key material never exits the EAL6+ secure element boundary, reducing this attack surface further to the constraints of the Infineon SLC27's tamper-response circuitry.

7.2 The Dilithium Gate as Authorization Enforcement

The mandatory post-signing verification step — which we term the Dilithium Gate — serves a purpose beyond correctness checking. It ensures that no authorization result is returned to a calling system unless the signature is cryptographically valid against the public key derived from the same ceremony. In the software SDK, this is enforced in code. On the physical PALLAS hardware (Infineon SLC27 TEGRION EAL6+), this gate is enforced at the silicon level: the secure element's output is conditioned on the verification result, and the verification cannot be bypassed by software. All 4,200 benchmark ceremonies across the full concurrency matrix passed the Dilithium Gate unconditionally.

7.3 Forward Secrecy Properties

Classical Perfect Forward Secrecy (PFS) as implemented in TLS 1.3 protects the confidentiality of session keys: compromise of a long-term private key does not reveal past session keys, because each session key is ephemeral. The QSK architecture extends this property to the signing domain and eliminates the long-term private key entirely. There is no long-term key to compromise. Chrono-Isolated Secrecy therefore provides stronger guarantees than PFS: not only are past sessions protected from future key compromise, but there is no future key — each ceremony is cryptographically independent and self-contained.

7.4 Algorithm Longevity

ML-DSA-87 is the highest security level offered by FIPS 204, targeting security equivalent to AES-256 against both classical and quantum adversaries. The underlying mathematical problem — the Module Learning With Errors (MLWE) problem over structured lattices — is not known to be vulnerable to quantum algorithms. Shor's algorithm does not apply to lattice problems. Grover's algorithm provides at most a quadratic speedup against symmetric primitives, which is accounted for in the FIPS 204 security level parameterization. The QSK architecture's algorithm-agnostic design (patent Claim 60) further ensures that the architecture remains valid if ML-DSA-87 is superseded by a future standard, requiring only a parameter update rather than architectural redesign.

8.Integration Pathway for Financial Institutions

The PALLAS Auth SDK is designed for drop-in integration with existing payment authorization pipelines. No modification to settlement rails, message formats, or clearing infrastructure is required. The SDK exposes three REST endpoints suitable for integration with any backend technology stack:

EndpointMethodPurpose
POST /authenticatePOSTSubmit a transaction payload and IAM credential. Returns a signed authorization token (ML-DSA-87 signature + public key) and per-step timing metrics.
POST /verifyPOSTSubmit a previously signed token. Returns { valid: boolean }. Used for audit trail verification and downstream settlement confirmation.
GET /benchmarkGETExecute a configurable throughput benchmark and return latency percentiles and TPS. Parameters: ?iterations=N&concurrency=M.

The typical integration pattern for a payment authorization workflow is as follows: (1) the core banking system or payment gateway constructs the authorization object; (2) before the instruction enters the settlement rail, the system calls POST /authenticate with the authorization object and the operator's IAM credential; (3) on receipt of a verified signed token, the token is attached to the payment message as a quantum-authenticated authorization header; (4) the signed token travels with the instruction through the rail; (5) at settlement, the receiving institution's system calls POST /verify to confirm the authorization is cryptographically valid. The signing key that produced the authorization no longer exists — it was destroyed within milliseconds of creation — but the verification remains unconditionally valid.

Zero rail modification required: PALLAS authentication operates strictly through standard JSON metadata. SWIFT MT103/MT202 message formats, Fedwire, LYNX, SEPA, and ACH instruction structures are entirely unchanged. The signed authorization token attaches as a structured header and travels with the payment instruction through existing clearing infrastructure — no middleware, no format translation, no settlement rail negotiation is required. Integration is confined to the authorization layer; clearing and settlement proceed identically.
Sandbox recommendation: For fully air-gapped evaluation environments, set the environment variable QRNG_SOURCE=csprng to disable external QRNG network calls. All cryptographic properties of the ceremony are identical under CSPRNG; the only difference is the entropy source's quantum physical origin. For environments with controlled internet access, whitelisting beacon.nist.gov enables quantum-sourced entropy via the NIST Randomness Beacon.

9.Hardware Escalation: PALLAS Enterprise

The software SDK characterizes the QSK ceremony's cryptographic properties and latency profile on commodity hardware. The PALLAS Enterprise device — Pilon Laboratories' banking-grade hardware variant — replaces each software-emulated component with purpose-built silicon, enforcing the same ceremony at hardware level with no key material ever accessible to host software. Core components are identical across consumer and enterprise variants; the enterprise configuration adds an institutional-grade enclosure, enterprise fleet management firmware, and a FIPS 140-3 Level 3 certification pathway:

ComponentHardwareFunction
Entropy Source IDQ6MC1 QRNG True quantum random number generation, on-device, sub-millisecond. Eliminates network QRNG latency entirely.
Secure Element Infineon SLC27 TEGRION EAL6+ First commercially available secure element with native PQC hardware acceleration. Enforces Dilithium Gate at silicon level. All key operations occur within the tamper-resistant boundary.
Biometric Sensor Synaptics FS7600 In-sensor fingerprint matching with liveness detection. Biometric data never leaves the sensor. Prevents relay and replay attacks.
Host MCU NXP LPC55S69 (TrustZone) ARM TrustZone-M isolation between secure and non-secure worlds. Orchestrates ceremony and peripheral communication.
Deployment PALLAS Enterprise Officer-desk form factor for institutional deployment. Enterprise fleet management with centralized audit logging. FIPS 140-3 Level 3 certification pathway in progress. Classical network HSM equivalents (Thales Luna, nShield, IBM 4769) carry acquisition costs of $40,000–$100,000+ per unit and provide no post-quantum signing capability. PALLAS Enterprise delivers native ML-DSA-87 ephemeral signing with hardware QRNG and biometric liveness detection — a combination unavailable at any price in classical HSM architectures. Commercial delivery Q2 2027. See commercial matrix below.

On the PALLAS Enterprise device, the total QSK ceremony target is 50–150 ms, with QRNG entropy acquisition measured in microseconds (vs. 0.08 ms software CSPRNG and 62–450 ms NIST Beacon). The SLC27 TEGRION's native post-quantum coprocessor is expected to reduce key generation and signing times to sub-millisecond ranges. The software SDK figures reported in Section 6 therefore represent a conservative baseline; production hardware performance will be reported separately following prototype validation.

PALLAS Enterprise HSM — Pilon Laboratories Inc.
Figure 1. PALLAS Enterprise — officer-desk deployment. Matte obsidian aluminum chassis with biometric signing interface and status indicator. Pre-production render.

9.1 PALLAS Enterprise QEV Edition — Integrated Quantum-Encrypted Vault

The PALLAS Enterprise QEV Edition extends the base signing module with a physically isolated quantum-encrypted document vault on a dedicated PCB partition. The vault section carries no electrical path to the network-connected signing module — it is air-gapped by design, accessible exclusively via biometric authentication at the device itself. Every file operation (write, read, delete) triggers an independent QSK ceremony, producing a unique ML-DSA-87 signature bound to that operation. Files are stored in the PALLAS Quantum Encrypted Vault format and never traverse any network interface under any operating mode.

Internal NVMe storage supports up to 245 TB per drive using enterprise E3.L form-factor NVMe (Kioxia LC9-class, PCIe Gen5, QLC NAND with CBA packaging — currently in enterprise sampling, targeted for commercial availability ahead of the Q2 2027 PALLAS Enterprise delivery window). A dual-drive configuration supports up to 491 TB behind the tamper boundary. The vault is appropriate for board-level communications, M&A documentation, regulatory correspondence, and any class of material whose sensitivity requires air-gapped physical custody. Officers retain their vault data on the physical device; no cloud, no server, no network path exists.

9.2 Commercial Rollout — Two-Phase Deployment Strategy

PALLAS Enterprise is offered under a phased commercial model. Phase 1 allows institutions to begin evaluating the QSK architecture immediately via software SDK, generating recurring revenue that funds ongoing hardware engineering. Phase 2 delivers the complete Chrono-Isolated Secrecy enforcement stack at silicon level. Phase 1 sandbox and licensing fees are credited in full against Phase 2 Year 1 costs upon execution of a production agreement.

Phase 1 — Software-Only SDK Infrastructure (Available Now)

EngagementPrice (USD)Description
Sandbox Evaluation — 60 daysFrom $70,000SDK source access, REST API integration, CSPRNG-mode air-gapped testing, full benchmark reporting, and integration support. Hardware evaluation units included where available. Contact Pilon Laboratories for an institutional evaluation proposal.
Regional Software License$1,500,000 / yearFull REST API access, all algorithm variants (ML-DSA-87 / SLH-DSA-128s), software updates, and enterprise support SLA. Per region. Sandbox evaluation fees credited against Year 1. Upgrades to Phase 2 hardware-bonded license at any time.

Phase 2 — Hardware-Bonded Ecosystem (Production — Q2 2027)

ConfigurationPre-Certification (USD)Post-FIPS 140-3 L3 (USD)
Regional Standard + HSM License — per region$2,500,000 / year  ·  Full hardware-bonded API, all algorithm variants, updates, SLA, compliance documentation. Covers regional deployment. Phase 1 fees credited against Year 1.
Global Uncapped License — unlimited deployment$3,500,000 / year  ·  Full hardware-bonded API, all algorithm variants, updates, SLA, compliance documentation. No per-site or per-region cap — institution-wide global rollout rights. Phase 1 fees credited against Year 1.
PALLAS Base — Signing module only$89,999$145,000
PALLAS Entry — 4 TB air-gapped QEV vault$109,999$159,000
PALLAS Mid — 61 TB air-gapped QEV vault$124,999$179,000
PALLAS Pro — 245 TB air-gapped QEV vault (1 × PCIe Gen5 E3.L)$149,999$205,000
PALLAS Max — 491 TB air-gapped QEV vault (2 × PCIe Gen5 E3.L)$189,999$249,000

Pre-certification pricing reflects early-adopter access. Post-certification pricing reflects the fully FIPS 140-3 Level 3 validated production configuration. Hardware pricing is one-time per unit. All prices USD. Volume fleet and multi-jurisdiction arrangements subject to bespoke negotiation.

Engagement pathway: Institutions begin with a Phase 1 software sandbox evaluation ($70,000 USD), proceed to a Regional Software License ($1,500,000/year) where hardware deployment is not yet required, and upgrade to the full hardware-bonded Phase 2 suite upon device availability — either the Regional Standard + HSM License ($2,500,000/year) for regional deployment or the Global Uncapped License ($3,500,000/year) for institution-wide global rollout. All Phase 1 fees are credited in full against Phase 2 Year 1 costs upon execution of a production agreement. SDK source, REST API specifications, and evaluation units provided under Confidential Disclosure Agreement. Contact Pilon Laboratories for an institutional evaluation proposal.

10.Conclusion

The QSK architecture and its Chrono-Isolated Secrecy property represent a principled response to the convergence of two threats facing financial institutions: the imminent arrival of cryptographically-relevant quantum computers, and the structural vulnerability introduced by long-lived private keys in legacy HSM deployments. By eliminating key persistence as a design property — rather than merely protecting it through hardware enclosure — QSK removes an entire attack surface class from the threat model.

The Node.js benchmark data presented in this paper establishes the software baseline: 23.91 ms mean ceremony latency (CSPRNG, concurrency=1), 41.80 ceremonies per second sustained throughput, and under 0.01 ms key destruction time on commodity hardware with no cryptographic acceleration. 4,992 bytes of key material per ceremony were confirmed all-zeros via readback verification across all 4,200 ceremonies in the full concurrency matrix. Throughput remained stable at 40–44 TPS across concurrency levels 1, 5, 10, and 25, confirming algorithm consistency under concurrent load. Signed records remain independently verifiable via retained ephemeral public keys indefinitely, providing a cryptographically sound audit trail compatible with regulatory inquiry requirements.

We invite Chief Quantum Risk Officers and their cryptographic architecture teams to evaluate the PALLAS Auth SDK within their sandbox environments under a structured Paid Proof-of-Concept agreement. The SDK is deployable in fully air-gapped environments, requires no modification to existing payment rail infrastructure, and produces signed authorization tokens compatible with any downstream settlement system capable of accepting structured JSON metadata.

Engagement contact: Derek Arsenault, Founder & Inventor · Pilon Laboratories Inc., Truro, Nova Scotia · pilonlaboratories.com

1  Shor, P.W. (1994). Algorithms for quantum computation: discrete logarithms and factoring. Proceedings 35th Annual Symposium on Foundations of Computer Science. IEEE.

2  National Security Agency (2022). Quantum Computing and Post-Quantum Cryptography FAQ. NSA Cybersecurity Information Sheet.

3  National Institute of Standards and Technology (2024). Module-Lattice-Based Digital Signature Standard (ML-DSA). FIPS 204.

4  Pilon Laboratories Inc. (2026). Quantum State Key — CIPO Patent Application. Filed April 14, 2026. 71 claims. Inventor: Derek Arsenault.

5  Infineon Technologies AG (2024). SLC27 TEGRION — Security Controller with Native PQC Support. Product Brief.

All benchmark figures are empirically measured. Raw benchmark data, SDK source code, and REST API specifications are available under a Confidential Disclosure Agreement for evaluation by qualified financial institution security teams.